<?php
//define your token
//include("config.php");
define("TOKEN", "weixin");
$wechatObj = new wechatCallbackapiTest();
$wechatObj->responseMsg();

class wechatCallbackapiTest
{
    public function valid()
    {
        $echoStr = $_GET["echostr"];
        //valid signature , option
        if($this->checkSignature()){
            echo $echoStr;
            exit;
        }
    }

    public function responseMsg()
    {
        //get post data, May be due to the different environments
        $postStr = $GLOBALS["HTTP_RAW_POST_DATA"];
          //extract post data
        if (!empty($postStr)){
                 $postObj = simplexml_load_string($postStr, 'SimpleXMLElement', LIBXML_NOCDATA);
                $fromUsername = $postObj->FromUserName;
                $toUsername = $postObj->ToUserName;
                $keyword = trim($postObj->Content);
                $time = time();
                $textTpl = "<xml>
                            <ToUserName><![CDATA[%s]]></ToUserName>
                            <FromUserName><![CDATA[%s]]></FromUserName>
                            <CreateTime>%s</CreateTime>
                            <MsgType><![CDATA[%s]]></MsgType>
                            <Content><![CDATA[%s]]></Content>
                            <FuncFlag>0</FuncFlag>
                            </xml>";             
                $ev = $postObj->Event;
                if ($ev == "subscribe")
                {
                $textTpl = "<xml>
                            <ToUserName><![CDATA[%s]]></ToUserName>
                            <FromUserName><![CDATA[%s]]></FromUserName>
                            <CreateTime>%s</CreateTime>
                            <MsgType><![CDATA[news]]></MsgType>
                             <ArticleCount>1</ArticleCount>
                             <Articles>
                             <item>
                             <Title><![CDATA[欢迎关注]]></Title> 
                             <Description><![CDATA[时光语录]]></Description>
                             <PicUrl><![CDATA[http://jiekouphp.duapp.com/img/tp21.jpg]]></PicUrl>
                             <Url><![CDATA[http://www.baidu.com]]></Url>
                             </item>
                              </Articles>
                             <FuncFlag>1</FuncFlag>
                            </xml>";  
				$resultStr = sprintf($textTpl, $fromUsername, $toUsername, $time);
                   echo $resultStr;
                }
                if(!empty( $keyword ))
                {  
				 $newsTplHeader = "<xml>
                            <ToUserName><![CDATA[%s]]></ToUserName>
                            <FromUserName><![CDATA[%s]]></FromUserName>
                            <CreateTime>%s</CreateTime>
                            <MsgType><![CDATA[news]]></MsgType>
                            <ArticleCount>%s</ArticleCount>
                            <Articles>";
                 $newsTplItem="<item>
                            <Title><![CDATA[%s]]></Title> 
                            <Description><![CDATA[%s]]></Description>
                            <PicUrl><![CDATA[%s]]></PicUrl>
                            <Url><![CDATA[%s]]></Url>
                            </item>";
                $newsTplFooter= "</Articles>
                            </xml> "; 
                   // $msgType = "text";
					    $connect = mysql_connect("192.168.1.13:3306","9fec6c76-4359","809298b8-e66f") or die("链接失败". mysql_error());
					     mysql_select_db("d392621a6cb074ffdabb5c68b2a6a0d12");
					   	mysql_query("SET NAMES UTF8");
						$sql ="SELECT title,description,picUrl,url FROM `newsimages`  LIMIT 0,10";
						$res =mysql_query($sql );
				    	//var_dump($rew);
					   $itemCount = 0;
					while($row =mysql_fetch_assoc($res))
					{
								$contentStr .=sprintf($newsTplItem,$row['title'],$row['description'],$row['picUrl'],$row['url']);
								++$itemCount;	
						       }	
							   //开始拼接数据
							$newsTplHeader = sprintf($newsTplHeader, $fromUsername, $toUsername, $time, $itemCount);
							$resultStr  =  $newsTplHeader. $contentStr. $newsTplFooter;
							echo $resultStr;
                }
             }else {
            echo "";
            exit;
		}
    }
    private function checkSignature()
    {
        $signature = $_GET["signature"];
        $timestamp = $_GET["timestamp"];
        $nonce = $_GET["nonce"];    

        $token = TOKEN;
        $tmpArr = array($token, $timestamp, $nonce);
        sort($tmpArr);
        $tmpStr = implode( $tmpArr );
        $tmpStr = sha1( $tmpStr );

        if( $tmpStr == $signature ){
            return true;
        }else{
            return false;
        }
    }
}
?>